Tasklists provides plugin tasklists for GLPI. Versions prior to 2.0.4 have a blind SQL injection vulnerability. Version 2.0.4 contains a patch for the vulnerability.
Loading...
Loading...
This critical-severity CVE scores 9.8 under NVD CVSS v3. EPSS exploit-prediction score not yet available (the EPSS model rescores nightly; freshly-published CVEs typically appear within 48 hours). GitHub Security Advisory data not yet ingested — confidence will rise once GHSA publishes (typical lag: hours to days for open-source ecosystem CVEs; never for infrastructure-only CVEs).
Tasklists provides plugin tasklists for GLPI. Versions prior to 2.0.4 have a blind SQL injection vulnerability. Version 2.0.4 contains a patch for the vulnerability.
December 30, 2024
February 7, 2025
Patch available: InfotelGLPI/tasklists 2.0.4 (contains commit 6444026e3d2b)
https://github.com/InfotelGLPI/tasklists/commit/6444026e3d2b8fb22d5e5ab03fb86056e1ac9e43MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.
Explore the affected products and dependency analysis for CVE-2024-56801
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.